Home > Blockchain >  What is the difference between signature and anomaly based IDS
What is the difference between signature and anomaly based IDS

Time:08-11

I was assigned to work on IDS using snort for my internship project. On my study to understand what IDSs is all about i can't seem to clearly understand the different detection techniques ( Signature based and Anomaly Based)

CodePudding user response:

I would suggest to read the following article, it is short and comprehensible:

https://www.n-able.com/blog/intrusion-detection-system

For short:

Signature-based detection scans for known/similar threats stored in a database. Anomaly-based detection analyses traffic etc. and finds "anomalies" via algorithmns.

  • Related